Re: *** bluber *** Re: Male xxxxxx enhancement formula^
On Mon, 2005-05-30 at 16:34 +1200, Chris Bannister wrote:
> There has been heated debate on comp.mail.misc about C/R systems.
> There is a "Fighting email spam and anti-UBE pointers" posting which is
> posted to comp.mail.misc, comp.answers, news.answers 2 times a month.
> "Challenge-Response system is based on false assumption that sender's
> address can be used for authentication. It cannot and thus any C-R
> system will contribute nothing else by amplifying the spam problem."
And the hidden (and unproven) assumption in this statement is that
spammers use real email addresses that have been validated. I have seen
worms do this. I have never seen spammers do this.
If this (challenge-response) were to become a common system, spammers
might start using real email addresses. But since it isn't, they don't.
Further, there are technical means that are starting to be used to
combat the problem of faked return domains for similar reasons.
Since I strongly disagree with the premise, I do not accept the
conclusion. In my opinion, C/R is a viable method of combating spam --
but not the only one, nor should it be used alone.